Data routing in peer-to-peer networks

ABSTRACT

System and methods for enforcing service level agreements (SLAs) between computing platforms engaged in (e.g., Internet-of-Things) data exchange via peer-to-peer (P2P) connections are described. In accordance with various embodiments, data traffic via the P2P connections is monitored, and if an SLA violation is detected, data streams are rerouted to cure the violation.

FIELD

The present disclosure relates generally to data routing in peer-to-peer(P2P) networks. Various embodiments pertain, more particularly, to datasharing in business-to-business (B2B) P2P networks subject toservice-level agreements (SLAs).

BACKGROUND

The Internet of Things (IoT) generates vast amounts of data that areoften useful not only to the organization owning or operating the IoTdevices generating the data, but also to other organizations. Forexample, electricity usage as measured by one utility company may be ofinterest to other utility companies and power plants, e.g., for theprediction of loads, or to security companies, e.g., for the detectionof suspicious activity. Accordingly, there may be incentives for sharingdata between IoT networks acting as data producers and/or dataconsumers, respectively. Data acquired by one IoT network may, forinstance, be streamed to others for an agreed-upon price. Data sharingcan be facilitated via P2P networks, and may be subject to SLAs, thatis, to contractual arrangements defining minimum levels of dataavailability and currency, or related metrics (e.g., maximum acceptabledata loss or delays, minimum data rates, mean time to recovery in caseof interruptions of data transfer, etc.). Means for enforcing such SLAshave, however, been lacking to date.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of example and notlimitation in the accompanying drawings.

FIG. 1 is a block diagram of an example system for data sharing betweendata producers and data consumers pursuant to SLAs, in accordance withvarious embodiments.

FIGS. 2A-2C are network diagrams illustrating three example data-routingscenarios in accordance with various embodiments.

FIG. 3 is a block diagram of a data-brokerage server in accordance withan example embodiment.

FIG. 4 is a block diagram of an IoT platform in accordance with anexample embodiment.

FIG. 5 is a flow chart of a method for enforcing SLA agreements in P2Pnetworks, in accordance with various embodiments.

FIG. 6 is a block diagram of a computer processing system within which aset of instructions may be executed for causing a computer to performany one or more of the methodologies discussed herein.

DETAILED DESCRIPTION

Described herein are methods, system, devices, and computer-programproducts embodied in machine-readable storage media for enforcing SLAsin P2P networks. Various embodiments relate, in particular, to P2Pnetworks of computing platforms acting as senders and/or recipients ofIoT data (hereinafter also referred to as “data producer” and “dataconsumer,” respectively). It is to be understood that an IoT computingplatform (herein also, for brevity, “IoT platform”) can generally act,at any point in time, as producer and/or consumer of IoT; often, an IoTplatform assumes both roles simultaneously with respect to differentdata streams. Moreover, in accordance with some embodiments, IoTplatforms may serve as relays of IoT data streams, e.g., to allow otherIoT platforms to meet their obligations under an SLA.

In accordance with various embodiments, data sharing between IoTcomputing platforms is facilitated by a data brokerage server connectedto the IoT computing platforms. The data-brokerage server may receivemetadata about data streams made available by the data producers andinformation about data needs of the data consumers, and pair consumerswith producers that match their needs. Based on the identified pairings,peer-to-peer (P2P) connections may be established between data producersand data consumers to enable producer-to-consumer data streaming, oftenin real time. Accordingly, the data-brokerage server assists withinitiating the connections between data producers and data consumers,but is disintermediated once the connections are established (except forthe monitoring and enforcement of SLAs as described below), in contrastto traditional data-sharing systems where data is centrally stored forretrieval by the consumers. Beneficially, avoiding such centralizedstorage in accordance with P2P embodiments as described herein rendersthe system inherently more scalable, as new participants in thedata-sharing service bring along additional storage, processingcapacity, and bandwidth.

In various embodiments, the data-brokerage server further stores,monitors, and enforces SLAs entered into by data consumers and dataproducers as part of the data-sharing arrangement. SLA monitoring mayinvolve comparing real-time data-traffic information received from theindividual IoT platforms regarding their P2P connections against theapplicable SLAs, and routing data to ensure, if possible, thatagreed-upon service levels are met. In instances where a data producerdoes not have sufficient capacity to service all data consumers thathave subscribed to its data stream directly, the data-brokerage servermay identify one or more IoT platforms with excess capacity that canserve as transmission stations, or “relays,” for the data stream. TheIoT platform acting as a relay may itself be a consumer of the datastream, and may reduce the data producer's load by forwarding the datastream on to another consumer. The relaying IoT platform may becompensated for the use of its resources on behalf of the data producer,e.g., with a discount on the price it pays for the data stream. It isalso possible that an IoT platform acts as relay for a data stream thatit has not subscribed to itself. In this case, the relay platform may beadded to the existing sub-network of IoT platforms associated with thedata stream. To limit data access to the actual subscribers (and avoidgiving the relay platform access to information it does not pay for),the data stream may be encrypted, and decryption keys given only to thesubscribing data consumers and not to the IoT platform acting purely asrelay. While IoT platforms acting in a pure relay capacity cannot getthe benefit of a discount from the data producer (at least with respectto the data stream they are merely distributing on behalf of theproducer), they may agree to serve as relays in exchange for being ableto participate in the data-sharing service, or may be compensated inother ways. For example, a data producer benefiting from the use ofanother IoT platform's resources may be obligated to pay the data-streamrelaying platform(s) directly, or the data-brokerage server may poolfees received from data producers (e.g., for managing their SLAsgenerally, or for rerouting data in cases of insufficient capacityspecifically) and remit payments to any IoT platforms it calls upon toserve as data-stream relays.

While the monitoring and enforcement of SLAs in P2P networks is hereindescribed with respect to networks employed to share IoT data, it willbe appreciated by those of ordinary skill in the art that many of theunderlying principles and described features are equally applicable toother types of data and P2P networks. Embodiments may be used, forexample, for transactional data from business systems, video streams,and files.

The foregoing will be more readily understood from the followingdescription of various example embodiments, in particular when taken inconjunction with the accompanying drawings.

FIG. 1 is a block diagram of a system 100 for sharing data between dataproducers and data consumers as brokered by a data-brokerage server 102,in accordance with various embodiments. The system 100 includes aplurality of IoT platforms (e.g., platforms 104, 106, 108), each ofwhich may be connected to one or more IoT devices 110 generating data.Examples of IoT devices 110 include, without limitation, stationary ormobile computing devices (e.g., personal computers, laptops,smartphones, tablets, wearable computing devices), audio and videodevices (e.g., televisions, cameras, gaming platforms), environmentalsensors and monitoring devices (e.g., temperature sensors, pressuresensors, flow sensors, seismic sensors, etc., and related warningsystems), biomedical sensors and monitoring devices (e.g., bloodpressure and heart rate monitors), as well as sensors and controllers invehicles, automated manufacturing systems, building or home automationsystems, security systems, transportation systems, energy-managementsystems, etc. Each of the IoT platforms 104, 106, 108 runs an agentapplication 112 (which may have been downladed from the data-brokerageserver 102 upon registration) that operates in conjunction with thedata-brokerage server 102, facilitating data exchange with other IoTplatforms as brokered by the data-brokerage server 102. Thedata-brokerage server 102 as well as the IoT platforms 104, 106, 108 maygenerally each be implemented by a single computing machine (e.g., acomputer as illustrated in FIG. 6) or by multiple machinesintercommunicating via a suitable network.

In the example depicted in FIG. 1, the system 100 includes three IoTplatforms 104, 106, 108, acting as data producer, relay, and dataconsumer, respectively. It is to be understood, however, that the system100 may generally include any number of IoT platforms, and that eachindividual IoT platform (e.g., 104, 106, 108) may generally act as dataproducer and/or data consumer (e.g., serving in both capacities atdifferent times or even simultaneously with respect to different datastreams) and further as a relay (of data streams with respect to whichit may or may not also act as data consumer). Accordingly, the agentapplications 112 may include the functionalities for both data producersand data consumers as well as relays (see also FIG. 3 below), and theIoT platforms, depending on their momentary operation in one or another,may utilize different subsets of the functionalities. In someembodiments, the various IoT platforms execute different instances ofthe same agent application 112.

To participate in data sharing, the IoT platforms indicate theirpresence to the data-brokerage server 102. Further, for an IoT platformacting as data producer (e.g., as depicted, IoT platform 104), the agentapplication 112 transmits metadata about the data streams the IoTplatform offers (e.g., for purchase or for free) to the data-brokerageserver 102. That metadata may include, e.g., the types of data andassociated units, data rates, information about the IoT devices 110collecting the data (such as, e.g., their locations, manufacturers,model and serial numbers, measurement accuracies), and any relevantpricing information if the data is available for purchase. Similarly,for an IoT platform acting as data consumer (e.g., as depicted, IoTplatform 108), the agent application 112 transmits information about thedata streams of interest, such as the types of data and the(geographically or otherwise defined) locations where the data is to becollected. Based on the information received from the data producer(s)and data consumer(s), the data-brokerage server 102 can identify datastreams matching a given data consumer's interests. Upon selection, by adata consumer, of the data stream(s) to which it wishes to subscribe,the data-brokerage server 102 may exchange communications with the dataconsumer and each of the data producers to establish a contract betweendata producer and data consumer directly and/or with the data-brokerageservice provided by the server 102. The contract may include pricing andpayment terms (such as, e.g., a price to be paid by the data consumer tothe data producer, directly or via the data-brokerage service, and anycommission to be paid to the data-brokerage service), as well as any SLAterms.

To cause a given pair of data consumer and data producer (e.g., asshown, IoT platforms 104, 108) to connect and begin data transfer, thedata-brokerage server 102 may send configuration information and, aspart of the configuration information or separately, the network addressof the respective other IoT platform. The configuration information may,for instance, specify data rates as provided in the SLA, or formattingapplied to the data stream producer-side prior to transmission orconsumer-side upon receipt. The configuration may be split into generalmetadata describing the data stream characteristics (such as availablefields, update intervals, etc.) and a link configuration containinginformation about the specific provider-consumer data exchange for aspecific data stream. To ensure the security and privacy of the datastream, the data-brokerage server 102 may also generate and sendencryption keys or similar security tokens to the data-producer anddata-consumer platforms 104, 108. Using the network addresses (and,optionally, security tokens), the agent applications 112 executing onthe data-consumer and data-producer IoT platforms 104, 108 can thenestablish a (secure) P2P connection 120 between them. Depending on thepreferences and external-access policies of the data-producer IoTplatform 104 and data-consumer IoT platform 108, the P2P connection 120can be initiated by either one or both of them. For example, if only oneof the two IoT platforms 104, 108 allows external access from theInternet, the other IoT platform will initiate communications. If bothallow external access, the initialization of communications may defaultto the data consumer, in some embodiments. If neither of the IoTplatforms 104, 108 allows external access, both may initiatecommunications with a proxy node. In some embodiments, security tokensare set to expire after a certain time period, and updated securitytokens are sent periodically to the data-consumer IoT platform 108 andthe data-producer IoT platform 104 to reestablish the connection.

Once a P2P connection 120 is established between a data-producer IoTplatform 104 and a data-consumer IoT platform 108, transfer of the datastream from the data-producer IoT platform 104 to the data-consumer IoTplatform 108 begins. In accordance with embodiments of the disclosedsubject matter, for the purpose of enforcing SLA terms, thedata-producer 104 IoT platform and/or the data-consumer IoT platform 108monitor the data traffic associated with the data stream, and senddata-traffic information to the data-brokerage server 102. Based on thedata-traffic information, generally aggregated over multiple P2Pconnections 120 maintained by a given data-producer IoT platform as wellas gathered for multiple IoT platforms, the data-brokerage server 102can measure the loads (e.g., bandwidth usage) and free capacity (e.g.,free bandwidth) of IoT platforms, determine whether SLAs are met, and(re-)route data to enable data producers to meet their SLA obligationsand/or, more generally, to balance loads and optimize data transferrates and similar metrics.

In some situations, illustrated and explained with reference to FIG. 2below, it may be beneficial, instead of routing data from thedata-producer platform 104 directly to the data-consumer platform 108(via P2P connection 120), to relay the data stream instead via a third,intermediate IoT platform 106. This intermediate (or “relay”) IoTplatform 106 may be identified, by the data-brokerage server 102, basedon an indication of its presence in conjunction with data-trafficinformation indicating free capacity. To reroute the data stream, thedata-brokerage server 102 may send updated configuration information tothe data-producer and data-consumer IoT platforms 104, 108 as well as tothe relay IoT platform 106, causing new P2P connections 122, 124 to beestablished between the data-producer IoT platform 104 and the relay IoTplatform 106 and between the relay IoT platform 106 and thedata-consumer IoT platform 108, in lieu of the direct P2P connection120. For encrypted data streams, the encryption keys are still providedto the data-producer and data-consumer IoT platforms 104, 108, and notto the relay IoT platform 106, unless the latter is itself a dataconsumer with respect to the data stream it relays.

FIGS. 2A-2C are network diagrams illustrating three example data-routingscenarios in accordance with various embodiments. Each diagram shows asubset of the IoT platforms within a larger IoT-data-sharing network,the subset forming a sub-network associated with a single data stream.In FIG. 2A, the sub-network includes a data producer (labeled “P”)sending the data stream (indicated by arrows) directly to three dataconsumers (labeled “C1,” “C2,” and “C3”). Assume that these three dataconsumers C1, C2, C3 exhaust the bandwidth of the data producer P, suchthat further data consumers cannot be serviced without a reduction inservice levels to the first three data consumers. In order tononetheless give additional data consumer C4 and C5 access to the datastream, some of the data consumers may be configured to also relay thereceived data stream to other data consumers. For example, as shown inFIG. 2B, data consumer C1 is configured to double as a relay,transmitting the data stream to data consumer C4, and data consumer C2is similarly configured to relay the data stream to data consumer C5.Assume now that none of the data consumers in the sub-network of FIG. 2Ahas sufficient free bandwidth to transmit data to additional dataconsumers. In this case, the existing sub-network may be expanded byadding an additional peer IoT platform (labeled “R”) that serves merelyas a relay, without itself being a data consumer. The relay R may beselected from among the larger data-sharing network (e.g., it may be adata producer or data consumer of another data stream), or may even be anewly deployed computing platform deployed by the data-brokerage serveras a “virtual node” purely for the purpose of transmitting data streams.

FIG. 3 is a block diagram illustrating, in more detail, a data-brokerageserver 102 in accordance with an example embodiment. The data-brokerageserver 102 includes a number of computational modules, such as adata-brokerage service application 300, an SLA monitor 302, an SLAmanager 304, and an agent-configuration manager 306. These modules areimplemented by a suitable combination of hardware and/or software, suchas by one or more computer processors executing program code stored inmemory. The data-brokerage server 102 further stores various datarepositories, including a marketplace repository 310 containing metadataabout data streams provided by data producers and, optionally, aboutdata streams of interest to data consumers, an SLA repository 312storing the SLAs associated with data sharing arrangements betweenproducers and consumers, and an agent and link configurations repository314 holding information about the configuration of the data-sharingnetwork and the connections between the IoT platforms therein as well asconfigurations of the agent applications 112 running on the individualIoT platforms. These data repositories 310-314 are usually implementedin permanent data storage devices, and may be organized, e.g., asdatabases, hashes, or file repositories. The data-brokerage server 102also includes a network interface (or multiple such interfaces onmultiple computers collectively constituting the data-brokerage server102) for communicating with the IoT platforms (e.g., IoT platforms 104,106, 108).

The data-brokerage service application 300 brokers the data exchangebetween IoT platforms based on information received from the IoTplatforms about the data streams they provide or which they areinterested in. Some or all of the information is stored in themarketplace repository 310, populating the repository 310 over time.Metadata about available data streams stored in the marketplacerepository 310 may include, for example, identifying information of therespective data producer (e.g., network address and the name of thecompany or organization), a name and/or general description of the datastream (such as, e.g., “weather data”), the general type of data (e.g.,whether it is time-series data acquired at a fixed data update rate orevent data), a list of the data fields included in the data stream(including for each field, for example, a name of the quantity measured(e.g., temperature) and the corresponding units (e.g., degreesFahrenheit or degrees Celsius)), data rates (e.g., one data sample perminute) or other availability information (including, e.g., indicationsof time periods during which data is unavailable or acquired at areduced rate), locational information (e.g., descriptors of cities,countries, or geographic regions for which the data is acquired; orcoordinates or addresses associated with the IoT device locations), andpricing information (e.g., a minimum or fixed price per amount of dataor periodic subscription fee). The marketplace repository 310 may alsostore metadata about the data streams of interest to consumers,including identifying information of the respective data consumer (e.g.,network address and the name of the company or organization), a list ofthe data fields of interest, indications of desired data rates, andpricing information (e.g., a maximum price the data consumer is willingto pay).

In some embodiments, the data-brokerage service application 300generates user interfaces to present information to and/or solicitinformation from human platform users/operators. For example, a searchinterface may allow the user to search for data streams of interest(e.g., by entering search tokens for a free-form search or filling in astructured search form). The data-brokerage service application 300 canthen run the user input against the marketplace repository 310 toidentify data streams matching the data consumer's needs, and presentthe results to the user. Alternatively, the user may be given theopportunity to browse available data (e.g., using one or more drop-downmenus that organize data streams by industry and/or data type). Datastreams may also be recommended to data consumers based onconsumer-profile information (such as the industry and/or geographicregion the organization owning or operating the data-consumer platformoperates in). In any case, suitable user-interface components mayfacilitate user selection of one or more data streams (or portionsthereof). Upon receipt of such a selection, the data-brokerage serviceapplication 300 may communicate pricing and payment terms, SLA terms,and/or other contractual provisions to the data consumer, and optionallythe data producer (e.g., in cases where the data producer allows fornegotiation of terms with individual data consumers, as opposed tooffering data under fixed terms), and solicit agreement to these terms.The SLAs agreed upon are stored in the SLA repository 312. In someembodiments, the operator of the data-brokerage service is itself aparty to the contract, e.g., guaranteeing specified service levelsand/or receiving a commission or fixed fee for facilitating the dataexchange between data consumer and data producer. Once all parties haveentered into the data-sharing contract, and optionally followingverification of payment, the data-brokerage server 102 may triggerset-up of a (direct or indirect) P2P connection between the dataproducer and data consumer in accordance with a configuration determinedby the agent configuration manager 306, e.g., by generating andtransmitting security tokens and/or encryption keys as well asconfiguration information including network addresses for the P2Pconnections to the agent applications 112 on the respective IoTplatforms.

During data exchange via the P2P connections, data-traffic information(such as, e.g., download and/or upload data rates and information aboutany packet losses or delays) is continuously sent from the IoT platformsto the SLA monitor 302 executing on the data-brokerage server 102. TheSLA monitor 302 looks up the SLAs associated with the variousconnections to determine, from the reported data-traffic information,whether all SLA terms are met. If the SLA monitor 302 detects aviolation of one or more terms of an SLA, it alerts the SLA manager 304.The SLA manager 304 accesses the agent and links configurationsrepository 314 to ascertain the current configuration of the IoTdata-sharing network, particularly the P2P connection path over whichthe data stream subject to the SLA violation is sent. Based on theconfiguration, in conjunction with the data-traffic information, the SLAmanager 304 identifies one or more IoT platforms that can be added tothe connection path as relays to assist the data-producer IoT platformto meet its obligations under the SLA and cure the violation. Inaccordance with various embodiments, the SLA manager 304 performs ahierarchical search for IoT platforms with sufficient free capacity toserve as relays, beginning with IoT platforms already within thesub-network associated with the data stream to be relayed (as dataconsumers), continuing with the larger network if no suitable relayplatform can be found within the sub-network, and finally moving on tocomputational platforms not presently engaged in data sharing via thenetwork, but available for deployment as relays. Once the IoTplatform(s) to be added to the peer network have been identified, theyare communicated from the SLA manager 304 to the agent configurationmanager 306. The agent configuration manager 306 updates the linkconfigurations and agent configurations accordingly in the agent andlink configurations repository 314, and further sends updatedconfiguration information to the IoT platforms subject to the update,which include the data-producer IoT platform 104 (whose data stream isnow re-directed to the added relay IoT platform 106), the data-consumerIoT platform 108 (which is configured to now receive the data streamfrom the added relay IoT platform), and the relay IoT platform 106itself (which establishes a new P2P connection at least with thedata-consumer IoT platform 108, and if not a data consumer of the datastream also with the data-producer IoT platform 104).

As will be appreciated by those of ordinary skill in the art, theorganization of the overall functionality of the data-brokerage server102 into various modules is by way of example only, and other ways ofgrouping the described functionality are possible.

Turning now to the data consumer, FIG. 4 is a block diagram of an IoTplatform 400 (e.g., corresponding to any one of IoT platforms 104, 106,108) in accordance with an example embodiment. The IoT platform 400,which may be implemented by one or more computers, includes one or moredata-processing modules 402 for processing the raw data received fromthe IoT devices 110 connected to the IoT platform 400, and an agentapplication 112 facilitating data exchange with other IoT platforms viaP2P connections as brokered by the data-brokerage service application300. The data-processing module(s) 402 and agent application 112 may beimplemented by one or more processors executing program code stored inmemory. The IoT platform 400 may further include one or more datastorage devices for temporarily or permanently storing raw and/orprocessed IoT data. To enable communications with the data-brokerageserver 102 and other IoT platforms, the IoT platform 400 includes anetwork interface (or multiple such interfaces on multiple computerscollectively constituting the IoT platform) (not shown).

The data-processing modules 402 may condition, filter, aggregate,average, and/or resample incoming raw data streams, e.g., to removenoise or outliers or otherwise improve the data quality. Furthermore,the data-processing modules 402 may analyze and process the data toderive new quantities of interest. Raw data and/or processed data may bepassed on to the agent application 112 for streaming to other IoTplatforms. Conversely, data streams received at the agent application112 from other IoT platforms may be forwarded to the data-processingmodule(s) 402 for processing and analysis, or stored in permanentstorage of the IoT platform 400 for future use. The IoT platform 400 mayalso expose an application programming interface (API) allowingthird-party vendors to provide additional processing or analysiscapabilities, e.g., via plug-ins.

The agent application 112 may include various sub-modules, including,e.g., a configuration manager 404, a P2P client 406, and a trafficmonitor 408. The configuration manager 404 processes configurationinformation received from the data-brokerage server 102 to determine,e.g., which of its peer IoT platforms it is to connect to and which datastreams are to be sent or received via these connections. The P2P client406 establishes the P2P connections with the peer IoT platforms (e.g.,using a secure handshake), streams raw and/or processed data acquired bythe IoT platform 400 and receives data streams from other IoT platforms.In case of encrypted data exchange, the P2P platform also encryptsoutgoing and decrypts incoming data streams (using the encryption keysprovided by the data-brokerage server 102). The traffic monitor 408measures data traffic over the P2P connections established by the P2Pclient 406, and sends related data-traffic information to thedata-brokerage server 102. If the data-brokerage server 102 updates theconfiguration information, e.g., to enforce SLA obligations of the IoTplatform 400, such updates are implemented by the configuration manager404. The agent application 112 may include further sub-modules (notshown) for preparing outgoing data streams for transmission, e.g., byremoving personally identifiable information or other specifiedinformation that ought not be shared (e.g., for compliance with privacylaws or other regulations) or formatting data in accordance with aconfiguration received from the data-brokerage server, or for filtering,formatting, and/or aggregating incoming data streams.

FIG. 5 is a flow chart of a method for enforcing SLA agreements in P2Pnetworks, in accordance with various embodiments. The method 500, viewedfrom the perspective of the data-brokerage server 102, begins with thereceipt of (usually real-time) data-traffic information from the IoTplatforms within the data-sharing network (act 502). The data-trafficinformation for a given pair of data producer and data consumer iscompared (repeatedly, as indicated by the loop) against the terms of anSLA between them (act 504), and if the SLA is violated in any of itsterms (or a violation is immanent) (as determined in act 506), an alertis issued (act 508). To cure the violation, IoT platforms with freecapacity to serve as relay IoT platforms within the P2P data-sharingnetwork are identified (act 510). The relay IoT platform(s) may beselected from among the (other) data consumers of the data stream thatis subject to the violation, or from the P2P network at large.Alternatively, e.g., if none of the connected IoT platforms hassufficient capacity to serve as a relay, one or more computing platformsnot previously part of the P2P network may be newly deployed as “virtualnodes” (act 512). Once the relay platforms have been identified, thenetwork configuration is updated accordingly, e.g., by modifyingexisting configurations for the data stream (to reroute the data stream)and/or creating new configurations for relay platforms that did notpreviously receive the data stream (act 514). The updated configurationinformation is then distributed to the data producer, data consumer, andrelay platforms to alter the network configuration (act 516). Datatraffic continues to be monitored, and if it is determined, at a latertime, that the original configuration is again adequate to satisfy theSLA (e.g., because resources of the data producer have freed up), thereconfiguration of the network may be reversed such that the data flowreverts to the original data flow.

A system according to one example embodiment includes a server(including one or more processors) that is communicatively coupled to aplurality of computing platforms engaged in data exchange viapeer-to-peer connections. The server is configured to perform operationsincluding: receiving, from the plurality of computing platforms,data-traffic information about data traffic over the peer-to-peerconnections; comparing the data-traffic information against servicelevel agreements to determine whether the service level agreements aremet; and, upon detection of a violation of a term of a service levelagreement associated with a data-producer computing platform and adata-consumer computing platform, reconfiguring the peer-to-peerconnections to cure the violation by routing a data stream from thedata-producer computing platform to the data-consumer computing platformvia at least one additional computing platform having free capacity. Theserver may include one or more data storage devices storing the servicelevel agreements and configurations associated with the peer-to-peerconnections. Reconfiguring the peer-to-peer connections may includeupdating the configurations and distributing updated configurationinformation to the data-producer computing platform, the data-consumercomputing platform, and the at least one additional computing platform.The system may also include agent applications executing on theplurality of computing platforms, the agent applications configured tomonitor data traffic over the peer-to-peer connections and, based on themonitoring, send the data-traffic information to the server. The agentapplications may be further configured to establish the peer-to-peerconnections and exchange data via the peer-to-peer connections inaccordance with configuration information received from the server. Insome cases, the operations performed by the server further includeidentifying one or more computing platforms having free capacity basedon data-traffic information provided by the one or more computingplatforms, and selecting the at least one additional computing platformfrom among the identified one or more computing platforms. Further, theoperations may include providing one or more encryption keys to thedata-consumer platform and the data-producer platform, and to the atleast one additional computing platform only if it is itself a dataconsumer of the data stream. The system may also include one or morecomputing platforms available for deployment in response to thedetection of the violation. The operations performed by the server mayinclude restoring an original configuration of the peer-to-peerconnections upon determining that the previously violated term of theservice level agreement can again be met without routing the data streamvia the at least one additional computing platform.

A method in accordance with one embodiment involves receiving at aserver, from a plurality of computing platforms engaged in data exchangevia peer-to-peer connections and communicatively coupled to the server,data-traffic information about data traffic over the peer-to-peerconnections; comparing the data-traffic information against servicelevel agreements to determine whether the service level agreements aremet; and, upon detection of a violation of a term of a service levelagreement associated with a data-producer computing platform and adata-consumer computing platform, reconfiguring the peer-to-peerconnections to cure the detected violation by routing a data stream fromthe data-producer computing platform to the data-consumer computingplatform via at least one additional computing platform having freecapacity. The may further include identifying one or more computingplatforms having free capacity based on data-traffic informationprovided by the one or more computing platform, and selecting the atleast one additional computing platform from among the identified one ormore computing platforms. The at least one additional computing platformmay be selected from among one or more computing platforms that arethemselves data consumers of the data stream; in this case, the at leastone additional computing platform may be caused to receive a pricediscount for the data stream from the data-producing platform.Alternatively, the at least one additional computing platform may be aplatform that is not itself a data consumer of the data stream; themethod may further include providing one or more encryption keys to thedata-consumer platform and the data-producer platform, but, in thiscase, not to the at least one additional computing platform. The atleast one additional computing platform may be deployed deployed inresponse to the detection of the violation. Further, an originalconfiguration of the peer-to-peer connections may be restored upondetermining that the term of the service level agreement can be metwithout routing the data stream via the at least one additionalcomputing platform. Reconfiguring the peer-to-peer connections mayinclude distributing updated configuration information to thedata-producer computing platform, the data-consumer computing platform,and the at least one additional computing platform.

In accordance with one embodiment, one or more tangiblecomputer-readable media store instructions to control the operation ofone or more processors, the instructions, when executed by the one ormore processors, causing the one or more processors to performoperations comprising: receiving, from a plurality of computingplatforms engaged in data exchange via peer-to-peer connections,data-traffic information about data traffic over the peer-to-peerconnections; comparing the data-traffic information against servicelevel agreements to determine whether the service level agreements aremet; and, upon detection of a violation of a term of a service levelagreement associated with a data-producer computing platform and adata-consumer computing platform, reconfiguring the peer-to-peerconnections to cure the detected violation by routing a data stream fromthe data-producer computing platform to the data-consumer computingplatform via at least one additional computing platform having freecapacity. The one or more tangible computer-readable media may alsostore instructions for performing other operations describe above aspart of a method or system according to embodiments, including, e.g.,the operations of identifying one or more computing platforms havingfree capacity based on data-traffic information provided by the one ormore computing platforms, and selecting the at least one additionalcomputing platform from among the identified one or more computingplatforms, and/or restoring an original configuration of thepeer-to-peer connections upon determining that the term of the servicelevel agreement can be met without routing the data stream via the atleast one additional computing platform.

Certain embodiments are described herein as including logic or a numberof components, modules, or mechanisms. Modules may constitute eithersoftware modules (e.g., code embodied on a machine-readable medium or ina transmission signal) or hardware modules. A “hardware module” is atangible unit capable of performing certain operations and may beconfigured or arranged in a certain physical manner. In various exampleembodiments, one or more computer systems (e.g., a standalone computersystem, a client computer system, or a server computer system) or one ormore hardware modules of a computer system (e.g., a processor or a groupof processors) may be configured by software (e.g., an application orapplication portion) as a hardware module that operates to performcertain operations as described herein.

In some embodiments, a hardware module may be implemented mechanically,electronically, or with any suitable combination thereof. For example, ahardware module may include dedicated circuitry or logic that ispermanently configured to perform certain operations. For example, ahardware module may be a special-purpose processor, such as afield-programmable gate array (FPGA) or an Application SpecificIntegrated Circuit (ASIC). A hardware module may also includeprogrammable logic or circuitry that is temporarily configured bysoftware to perform certain operations. For example, a hardware modulemay include software encompassed within a general-purpose processor orother programmable processor. It will be appreciated that the decisionto implement a hardware module mechanically, in dedicated andpermanently configured circuitry, or in temporarily configured circuitry(e.g., configured by software) may be driven by cost and timeconsiderations.

Accordingly, the phrase “hardware module” should be understood toencompass a tangible entity, be that an entity that is physicallyconstructed, permanently configured (e.g., hardwired), or temporarilyconfigured (e.g., programmed) to operate in a certain manner or toperform certain operations described herein. As used herein,“hardware-implemented module” refers to a hardware module. Consideringembodiments in which hardware modules are temporarily configured (e.g.,programmed), each of the hardware modules need not be configured orinstantiated at any one instance in time. For example, where a hardwaremodule comprises a general-purpose processor configured by software tobecome a special-purpose processor, the general-purpose processor may beconfigured as respectively different special-purpose processors (e.g.,comprising different hardware modules) at different times. Software mayaccordingly configure a particular processor or processors, for example,to constitute a particular hardware module at one instance of time andto constitute a different hardware module at a different instance oftime.

Hardware modules can provide information to, and receive informationfrom, other hardware modules. Accordingly, the described hardwaremodules may be regarded as being communicatively coupled. Where multiplehardware modules exist contemporaneously, communications may be achievedthrough signal transmission (e.g., over appropriate circuits and buses)between or among two or more of the hardware modules. In embodiments inwhich multiple hardware modules are configured or instantiated atdifferent times, communications between such hardware modules may beachieved, for example, through the storage and retrieval of informationin memory structures to which the multiple hardware modules have access.For example, one hardware module may perform an operation and store theoutput of that operation in a memory device to which it iscommunicatively coupled. A further hardware module may then, at a latertime, access the memory device to retrieve and process the storedoutput. Hardware modules may also initiate communications with input oroutput devices, and can operate on a resource (e.g., a collection ofinformation).

The various operations of example methods described herein may beperformed, at least partially, by one or more processors that aretemporarily configured (e.g., by software) or permanently configured toperform the relevant operations. Whether temporarily or permanentlyconfigured, such processors may constitute processor-implemented modulesthat operate to perform one or more operations or functions describedherein. As used herein, “processor-implemented module” refers to ahardware module implemented using one or more processors.

Similarly, the methods described herein may be at least partiallyprocessor-implemented, with a particular processor or processors beingan example of hardware. For example, at least some of the operations ofa method may be performed by one or more processors orprocessor-implemented modules. Moreover, the one or more processors mayalso operate to support performance of the relevant operations in a“cloud computing” environment or as a “software as a service” (SaaS).For example, at least some of the operations may be performed by a groupof computers (as examples of machines including processors), with theseoperations being accessible via a network (e.g., the Internet) and viaone or more appropriate interfaces (e.g., an application programinterface (API)).

The performance of certain of the operations may be distributed amongthe processors, not only residing within a single machine, but deployedacross a number of machines. In some example embodiments, the processorsor processor-implemented modules may be located in a single geographiclocation (e.g., within a home environment, an office environment, or aserver farm). In other example embodiments, the processors orprocessor-implemented modules may be distributed across a number ofgeographic locations.

FIG. 6 is a block diagram of a computer processing system 600 withinwhich a set of instructions 624 may be executed for causing a computerto perform any one or more of the methodologies discussed herein. Insome embodiments, the computer operates as a standalone device or may beconnected (e.g., networked) to other computers. In a networkeddeployment, the computer may operate in the capacity of a server or aclient computer in server-client network environment, or as a peercomputer in a peer-to-peer (or distributed) network environment.

In addition to being sold or licensed via traditional channels,embodiments may also, for example, be deployed by software-as-a-service(SaaS), application service provider (ASP), or by utility computingproviders. The computer may be a server computer, a personal computer(PC), a tablet PC, a personal digital assistant (PDA), a cellulartelephone, or any processing device capable of executing a set ofinstructions (sequential or otherwise) that specify actions to be takenby that device. Further, while only a single computer is illustrated,the term “computer” shall also be taken to include any collection ofcomputers that, individually or jointly, execute a set (or multiplesets) of instructions to perform any one or more of the methodologiesdiscussed herein.

The example computer processing system 600 includes a processor 602(e.g., a central processing unit (CPU), a graphics processing unit(GPU), or both), a main memory 604, and a static memory 606, whichcommunicate with each other via a bus 608. The computer processingsystem 600 may further include a video display 610 (e.g., a plasmadisplay, a liquid crystal display (LCD), or a cathode ray tube (CRT)).The computer processing system 600 also includes an alphanumeric inputdevice 612 (e.g., a keyboard), a user interface (UI) navigation (e.g.,cursor control) device 614 (e.g., a mouse and/or touch screen), a driveunit 616, a signal generation device 618 (e.g., a speaker), and anetwork interface device 420.

The drive unit 616 includes a machine-readable medium 622 on which isstored one or more sets of instructions 624 and data structuresembodying or utilized by any one or more of the methodologies orfunctions described herein. The instructions 624 may also reside,completely or at least partially, within the main memory 604, the staticmemory 606, and/or within the processor 602 during execution thereof bythe computer processing system 600, the main memory 604, the staticmemory 606, and the processor 602 also constituting tangiblemachine-readable media 622.

The instructions 624 may further be transmitted or received over anetwork 626 via the network interface device 620 utilizing any one of anumber of well-known transfer protocols (e.g., Hypertext TransferProtocol).

While the machine-readable medium 622 is shown in an example embodimentto be a single medium, the term “machine-readable medium” should betaken to include a single medium or multiple media (e.g., a centralizedor distributed database, and/or associated caches and servers) thatstore the one or more sets of instructions 624. The term“machine-readable medium” shall also be taken to include any medium thatis capable of storing, encoding, or carrying a set of instructions 624for execution by the computer and that cause the computer to perform anyone or more of the methodologies of the present application, or that iscapable of storing, encoding, or carrying data structures utilized by orassociated with such a set of instructions 624. The term“machine-readable medium” shall accordingly be taken to include, but notbe limited to, solid-state memories and optical and magnetic media.

While the embodiments of the invention(s) is (are) described withreference to various implementations and exploitations, it will beunderstood that these embodiments are illustrative and that the scope ofthe inventive subject matter is not limited to them. In general,techniques for maintaining consistency between data structures may beimplemented with facilities consistent with any hardware system orhardware systems defined herein. Many variations, modifications,additions, and improvements are possible.

Plural instances may be provided for components, operations, orstructures described herein as a single instance. Finally, boundariesbetween various components, operations, and data stores are somewhatarbitrary, and particular operations are illustrated in the context ofspecific illustrative configurations. Other allocations of functionalityare envisioned and may fall within the scope of the inventive subjectmatter. In general, structures and functionality presented as separatecomponents in the exemplary configurations may be implemented as acombined structure or component. Similarly, structures and functionalitypresented as a single component may be implemented as separatecomponents. These and other variations, modifications, additions, andimprovements fall within the scope of the inventive subject matter.

What is claimed is:
 1. A system comprising: a server comprising one ormore processors and communicatively coupled to a plurality of computingplatforms engaged in data exchange via one or more peer-to-peerconnections, the server being configured to perform operationscomprising: receiving, from the plurality of computing platforms,data-traffic information about data traffic over the one or morepeer-to-peer connections; comparing the data-traffic information againstone or more service level agreements to determine whether the one ormore service level agreements are met; and upon detection of a violationof a term of a service level agreement that is among the one or moreservice level agreements and associated with a data-producer computingplatform and with a data stream available from the data-producercomputing platform, reconfiguring at least one of the one or morepeer-to-peer connections to cure the violation by causing a firstdata-consumer computing platform with free capacity to relay the datastream, to which the first data-consumer computing platform is notsubscribed, from the data-producer computing platform to a seconddata-consumer computing platform in exchange for a provision of a pricediscount to the first data-consumer computing platform for relaying thedata stream to which the first data-consumer computing platform is notsubscribed.
 2. The system of claim 1, wherein the server comprises oneor more data storage devices storing the one or more service levelagreements and configurations associated with the one or morepeer-to-peer connections.
 3. The system of claim 2, whereinreconfiguring at least one of the one or more peer-to-peer connectionscomprises updating the configurations and distributing updatedconfiguration information to the data-producer computing platform, thefirst data-consumer computing platform, and the second data-consumercomputing platform.
 4. The system of claim 1, further comprising agentapplications executing on the plurality of computing platforms, theagent applications being configured to monitor data traffic over the oneor more peer-to-peer connections and, based on the monitoring, send thedata-traffic information to the server.
 5. The system of claim 4,wherein the agent applications are further configured to establish theone or more peer-to-peer connections and exchange data via the one ormore peer-to-peer connections in accordance with configurationinformation received from the server.
 6. The system of claim 1, whereinthe operations further comprise identifying one or more computingplatforms having free capacity based on data-traffic informationprovided by the one or more computing platforms, and selecting thesecond data-consumer computing platform from among the identified one ormore computing platforms.
 7. The system of claim 1, wherein theoperations further comprise providing one or more encryption keys to thefirst data-consumer platform and the data-producer platform, and to thesecond data-consumer.
 8. The system of claim 1, further comprising oneor more computing platforms available for deployment in response to thedetection of the violation.
 9. The system of claim 1, wherein theoperations further comprise restoring an original configuration of theone or more peer-to-peer connections upon determining that the term ofthe service level agreement can be met without relaying the data streamvia the first data-consumer computing platform to the seconddata-consumer computing platform.
 10. The system of claim 1, wherein thedata stream relayed by the first data-consumer computing platform, butto which the first data-consumer computing platform is not subscribed,is encrypted, and decryption keys of the encrypted data stream areabsent from the first data-consumer computing platform that relays theencrypted data stream.
 11. A method comprising: by a servercommunicatively coupled to a plurality of computing platforms engaged indata exchange via one or more peer-to-peer connections, receiving, fromthe plurality of computing platforms, data-traffic information aboutdata traffic over the one or more peer-to-peer connections; comparingthe data-traffic information against one or more service levelagreements to determine whether the one or more service level agreementsare met; and upon detection of a violation of a term of a service levelagreement that is among the one or more service level agreements andassociated with a data-producer computing platform and with a datastream available from the data-producer computing platform,reconfiguring at least one of the one or more peer-to-peer connectionsto cure the detected violation by causing a first data-consumercomputing platform with free capacity to relay the data stream, to whichthe first data-consumer computing platform is not subscribed, from thedata-producer computing platform to a second data-consumer computingplatform in exchange for a provision of a price discount to the firstdata-consumer computing platform for the relayed data stream to whichthe first data-consumer computing platform is not subscribed.
 12. Themethod of claim 11, further comprising identifying one or more computingplatforms having free capacity based on data-traffic informationprovided by the one or more computing platform, and selecting the seconddata-consumer computing platform from among the identified one or morecomputing platforms.
 13. The method of claim 11, wherein at least oneadditional computing platform is deployed in response to the detectionof the violation.
 14. The method of claim 11, further comprisingrestoring an original configuration of the one or more peer-to-peerconnections upon determining that the term of the service levelagreement can be met without relaying the data stream via the firstdata-consumer computing platform to the second data-consumer computingplatform.
 15. The method of claim 11, wherein reconfiguring the one ormore peer-to-peer connections comprises distributing updatedconfiguration information to the data-producer computing platform, thefirst data-consumer computing platform, and the second data-consumercomputing platform.
 16. The method of claim 11, wherein the data streamrelayed by the first data-consumer computing platform, but to which thefirst data-consumer computing platform is not subscribed, is encrypted,and decryption keys of the encrypted data stream are absent from thefirst data-consumer computing platform that relays the encrypted datastream.
 17. One or more non-transitory computer-readable media storinginstructions to control the operation of one or more processors, theinstructions, when executed by the one or more processors, causing theone or more processors to perform operations comprising: receiving, froma plurality of computing platforms engaged in data exchange via one ormore peer-to-peer connections, data-traffic information about datatraffic over the one or more peer-to-peer connections; comparing thedata-traffic information against one or more service level agreements todetermine whether the one or more service level agreements are met; andupon detection of a violation of a term of a service level agreementthat is among the one or more service level agreements and associatedwith a data-producer computing platform and with a data stream availablefrom the data-producer computing platform, reconfiguring at least one ofthe one or more peer-to-peer connections to cure the detected violationby causing a first data-consumer computing platform with free capacityto relay the data stream, to which the first data-consumer computingplatform is not subscribed, from the data-producer computing platform toa second data-consumer computing platform in exchange for a provision ofa price discount to the first data-consumer computing platform for therelayed data stream to which the first data-consumer computing platformis not subscribed.
 18. The one or more non-transitory computer-readablemedia of claim 17, wherein the operations further comprise: identifyingone or more computing platforms having free capacity based ondata-traffic information provided by the one or more computingplatforms, and selecting the second data-consumer computing platformfrom among the identified one or more computing platforms.
 19. The oneor more non-transitory computer-readable media of claim 17, wherein theoperations further comprise: restoring an original configuration of theone or more peer-to-peer connections upon determining that the term ofthe service level agreement can be met without relaying the data streamvia the first data-consumer computing platform to the seconddata-consumer computing platform.
 20. The one or more non-transitorycomputer-readable media of claim 17, wherein the data stream relayed bythe first data-consumer computing platform, but to which the firstdata-consumer computing platform is not subscribed, is encrypted, anddecryption keys of the encrypted data stream are absent from the firstdata-consumer computing platform that relays the encrypted data stream.